WordPress Vulnerabilities Database

WordPress <= 4.2 - Stored XSS

Product

WordPress

Description

A stored XSS affects the WordPress core. This vulnerability allows an attacker to inject JavaScript in WordPress comments, change the administrator’s password, create new accounts or execute arbitrary code
on the server through the theme and plugin editors.